THREAT OPS › Threat News › lightning PyPI Compromise: A Bun-Based Credential Stealer in Python
lightning PyPI Compromise: A Bun-Based Credential Stealer in Python
A malicious release of the lightning PyPI package ships a credential-stealing Bun payload that runs on import. Snyk has a live advisory. Here's what's in the package, what to rotate, and how the payload pattern connects to the Mini Shai-Hulud npm campaign one day earlier.